White House Says Hard Drives Were Destroyed 411
wanderindiana brings us an update on the White House missing emails mess, which we have discussed before. It seems the hard drives of many White House computers are gone beyond the possibility of recovery. Is it unusual in your experience for, say, a corporate IT department to destroy hard drives by policy? "Older White House computer hard drives have been destroyed, the White House disclosed to a federal court Friday in a controversy over millions of possibly missing e-mails from 2003 to 2005. The White House revealed new information about how it handles its computers in an effort to persuade a federal magistrate it would be fruitless to undertake an e-mail recovery plan that the court proposed."
No it is not usual (Score:5, Informative)
I worked on some projects involving email at the white house. The system tracks other things includuding gifts and snail mail.
There are very specific rules and laws that must be followed and the million dollar consultants the white house pays to manage this stuff is very aware of those rules and laws.
Any destruction of email by the white house is purely intentional, period.
FTFA (Score:4, Informative)
That's standard practice, and required by law, for ANY government computers.
Re:Banking (Score:5, Informative)
1: Destroy hard drives comprehensively.
2: Ensure that any data on them of a sensitive/clinical nature is kept on a secure backup (in clinical data, for 25 years).
So, yes, destroying hard disks is a common thing. Now destroying DATA.. That's something else altogether.
For sensitive government documents, there is no excuse. Destroying the data can be arrived at through two ways:
1: Incompetence of the IT staff (with the amount of change control in a high profile environment such as high government/clinical, you'd have to be REALLY incompetent, and probably picked up way before this).
2: Someone said "This data is embarrassing. Make it go away.".
I'd say 2 was the most probable.
Spiking? (Score:3, Informative)
Then the company would physically destroy the drives... the low-budget company was a lot more fun then having them professionally destroyed.
I've heard that the military calls this "Spiking" a drive as they drive a railroad spike through the platters. But who knows if that's true or not.
Comment removed (Score:4, Informative)
Re:Awesome! (Score:2, Informative)
Re:Not really the point (Score:5, Informative)
This includes the Presidential Records Act [wikipedia.org] of 1978. This states that upon leaving office, white house documents become the property of the government. A different law, the Hatch Act [wikipedia.org], prohibits federal employees from engaging in partisan political activities.
In order to address the Hatch Act, about 88 people who work in the White House were given separate computers purchased by the Republican National Committee and given email addresses in the domain gwb43.com, georgewbush.com, and rnchq.org.
It appears that White House staff consciously used the political equipment and email for some official business, presumably so that no "paper trail" would be left behind. Indeed, instead of a paper trail, in each case, the investigators requested relevant emails
but it was found that those emails were handled on the RNC machines and thus were destroyed.
So part of the legacy of the Bush Administration is a blueprint for obstruction of justice.
I disagree that this is a non-story. I worry that this will now be added to the toolkit of future administrations. Every administration will thinks it knows best for the country and some will want to get around all these pesky laws.
Re:Not really the point (Score:5, Informative)
http://www.hipaadvisory.com/regs/recordretention.htm [hipaadvisory.com]
Disclaimer: I am a document specialist for a company that itself specialized in business processes for major Part C and Part D health providers. So I know this stuff.
So having you say this is a non-story, based on you citing that records must be adequately destroyed without first stressing that those destroyed records had to be on file, and available at a moment's notice, for YEARS, is disingenuous at best.
It's a story PRECISELY because of th amount of time the records HAD to be retained.
http://www.washingtonpost.com/wp-dyn/content/article/2008/01/21/AR2008012102070_pf.html [washingtonpost.com]
So what happens if a probe is launched? Well, thanks to Sarbanes-Oxley (and the fuck up that was Enron, with BushCo's friend Kenneth Lay), Chapter 73 of USC18 (United States Code 18, Obstruction of Justice) was beefed up. Specifically Section 1505.
1505. Obstruction of proceedings before departments, agencies, and committee
Re:Not really the point (Score:3, Informative)
The local public school district (K-12) can not (by policy) allow a hard drive to get into thehands of anyone outside the shcool district. When we decommision/recycle a computer we DOD wipe the hard drives, remove them from the system, and then, if we don't need to use the drives as spare parts for other machines, they are sent out to be destroyed.
This is nothing unusual - at the previous poster indicated, this is a good IT practice and ensures that no data leaks out of the organization http://www.csoonline.com/read/030103/briefing_data.html [csoonline.com].
In a word... (Score:3, Informative)
No. It's not unusual at all, especially if those hard drives have held confidential information like people's medical or financial info. If there's a chance that they once held state secrets, then definitely. Anything less would be incompetence.
The only real question is what constitutes "destroyed." At medical or financial facilities a disk wiping utility that overwrites the disks with 1s and 0s ten or twenty times is usually secure enough to do the job. If you're dealing with state secrets, then shredding the disk platters is more appropriate.
Re:How they are destroyed (Score:4, Informative)
However, for the average person, it's good enough as it raises the bar for recovery beyond simply plugging it it or simply repairing a part of the drive. Don't know why you need a product for it though, a 1/4" drillbit will go through the aluminum backside of most harddrives like butter.
Re:Not really the point (Score:2, Informative)
Judging by what has happened with past Congressional investigations, the subpoenas will be ignored [democrats.com] and nothing will be done about it. [salon.com] It's a pattern [salon.com] that works for Bush again and again. [bbc.co.uk]
Sorry but the Rule of Law doesn't seem to apply when "National Security" is on the line.
Re:2000 version of the Nixon tapes (Score:5, Informative)
(Obligatory) Damn... Now I have to change the locks on my luggage.
Seriously, though. You're right. Even if things are 'secret' now doesn't mean that they should always be. I'm politically agnostic (I've had a fair share of dislike for both Republicans AND Democrats) so this shouldn't come off as a slam against any one party, but our elected officials at the highest levels need to understand that they are held accountable. It is particularly true for the current administration. To provide the excuse that the backups were lost (or any other lame excuse that I couldn't get away with in elementary school) is insulting. There are procedures for these things and multiple records are kept ABOUT the records that are kept (ever fill out a form in triplicate?). Tracking the media for the backups - without the need to know what that data was, exactly - is easy. Unless someone intentionally deleted those records (and perhaps including the actual backup data, itself), there should be a paper trail showing what happened to the backup media after is was used to take said backup. No secrets need be revealed. Then we'd know who accessed those media and when.
Seeing as how those records don't seem to exist anymore, something smells like rotten fish.
I'm insulted, personally, that this administration can't or won't keep track of it's backup media. For an organization to have so little control over something as simple as backup procedures indicates the people involved are either incompetent to even serve in office or have so little regard for the laws governing both them and the rest of us (depending on if they're truly lost or whether it was ordered destroyed).
While it's entirely plausible that the federal government is just that bad at keeping records, it's unlikely that data backups completely vanished without a trace. I'm guessing that someone at a high level in the administration (definitely not the President, but someone close to him) ordered the destruction of the media and all records associated with them. Quietly. And that's what I find so insulting.
Solution? Get Jack Bauer on it with Chloe feeding him instructions on recovery via his awesome cell phone. Oh, wait... There's no time! (or 2008 season, but I digress)
--Me, ending on a high note.
Re:How they are destroyed (Score:5, Informative)
It is possible to still retrieve the data. A hard drive never, ever, ever has a zero or one written on it. Instead (if I can accurately sum this up in a non-technical way that doesnt invalidate my answer), it has a close to "0" or close to "1" written. Much like how certain electronic chips (that lets say are +5 = on, 0 = off) arent truly at +5 or zero. A "threshold value" is used to determine on or off.
In the case of hard drives, assuming "0" and "1" are the desired results, a zero gets "written" to the disk (which ends up being a .0020919) or a one gets written (which ends up being a .98298329) - gotta remember it's not an actual number written - it's something that (loosely) corresponds with a voltage/magnetic resistance that indicates 0 or 1 when compared to a threshold... thus .1 or less may be 0, .9 or more may be 1, and anything inbetween indicates errors.
The government (various parts - the requirements vary) mandates multiple wipes, because there are recovery tools out there, that by reading the actual magnetic/electrical value can interpolate what the data was after a single wipe. The reason apparently being, setting from "1" to "0" (or vice versa) leaves enough of the residual one to determine it was a one.
Thats (I can guarantee you) a very poor attempt at explaining it, but the basic theory behind what I am trying to say is correct...
A better idea would be to read up on it for a better explanation...
http://en.wikipedia.org/wiki/Data_remanence
Scroll down the article to the section on "The Gutmann Method" to see why (a format is not acceptable means of wiping a drive).
A key point to this discussion is that "as of Nov 2007, overwriting is no longer a DoD-acceptable sanitization method for magnetic media. Only degaussing or physical destruction is acceptable." (Wikipedia)
This I find interesting timing, since it coincides with many requests for info and/or discovery of such info - that now, the DoD requires to be non-recoverable...